Login

openSUSE Security Update : xen (openSUSE-2015-391) (Venom)

High Nessus Plugin ID 83965

Synopsis

The remote openSUSE host is missing a security update.

Description

The XEN hypervisor was updated to fix two security issues : - Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host. (CVE-2015-3456) - Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. (CVE-2015-3340)